20% of IT professionals have witnessed a security breach cover-up

Javvad Malik, Security Advocate at AlienVault, says results show a need for far greater support for employees and businesses when they fall victim to cyber attacks.

Research conducted by AlienVault has shown that 20% of IT security professionals have witnessed a breach being hidden or covered up. The survey also found that in the event of a breach, only 25% of professionals would see the best course of action as telling the regulator and paying the fine.


“Information security is still a comparatively immature industry,” argues Javvad Malik, security advocate for AlienVault. He fears that the rapid growth of the industry in such a short timeframe has forced security professionals to “make up the play book as they go along, evidenced by inconsistent disclosure practices as well as the ever-changing and complex legal path to navigate.”


The survey’s findings that 20% of IT security professionals have witnessed or been part of a breach being hidden is the prime indicator of the strain placed upon the industry. Malik attributes this to the competitive nature of the technology world, saying “the time and effort it could take to recover from a breach can be significant. Particularly where sensitive data is involved.”


The survey also showed that 66% of those surveyed view a breach as an opportunity to increase the funding for their security departments. According to Malik, this shows that “despite the raised profile of security, it still takes an incident to obtain budgets and raise security.”


Statistics like these are what Malik uses to argue for a much greater support base for IT security professionals, through training and networking, saying “most organisations are coming round to the belief that along a long enough time scale, a security incident or exposure in their product is inevitable.”


When asked if they need to resort to hacker forums and working with black hats to keep abreast of the latest threats and technologies – something that isn’t always legal - over half replied yes. Malik says “support from within the security industry on emerging threat and attacks isn’t sufficient or freely available to professionals liking to access information in a timely manner.”


It is also worth the consideration that it is a case of ‘know your enemy’, and Malik has strong anecdotal evidence of many in the industry believing this is the case.
It is these kinds of attitudes which Malik says needs to be remedied, or he fears “security professionals will find themselves under more pressure to cut corners and bend rules in order to keep the show on the road.” He suggests the culture of the industry should change to one that “accepts, fixes and moves along when they [breaches] do occur.”

Qlik widens its alliances, enhancing partner capabilities to streamline access to its data...
Financial services are leveraging AI for security but face visibility and complexity challenges in...
Marketplacer has integrated with Snowflake’s Marketplace Capability Delivery (MCD) Program,...
AnywhereNow has introduced Dialogue Cloud Neo, an omnichannel contact centre platform for...
Arrow Electronics has received Veeam’s 2026 EMEA Aggregator of the Year award, recognising its...
Qualcomm Incorporated has announced an agreement to acquire Modular, aiming to strengthen its...
Wasabi Technologies launches the Wasabi Impact Circle, helping partners track and mitigate carbon...
Commvault and Microsoft forge a new alliance to strengthen AI and cyber resilience for enterprises...